Transfers of data from EU to US can still occur. The Article 29 Working Party has set a deadline of end of January 2016 for Safe Harbour 2.0 to be finalised. After this, depending upon what transfer methods are being used, the data protection authorities will start taking enforcement action.
The European Commission sets out how to ensure data transfers continue to be compliant with the Data Protection Directive:
- Contractual solutions including use of model clauses
- Intra group transfers under binding corporate rules
- Derogations – including consent by the data subject or it is necessary for the performance of a contract etc
[…] to hand over customer data stored outside the US). We have the EU’s data protection working group trying to convince us that you can still do extra-territorial data transfer, while at least one German DPA is saying the exact […]
[…] Where the Commission is happy that the recipient country ensures an adequte level of protection. At present, Safe Harbour 2.0 has yet to be finalised for transfers to the USA and the clock is ticking. […]
[…] EU Commission, the Article 29 Working Party and the UK Information Commissioner effectively said the model clauses were acceptable while Safe Harbour 2.0 was being finalised. In fact, the Article 29 Working Party set a deadline […]